Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Apple Safari Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by attackers to disclose sensitive information, bypass security restrictions, cause a denial of service or compromise an affected system.1. An integer overflow error in ColorSync when processing images with a malformed color...
Last Update Date: 28 Jan 2011 Release Date: 13 Nov 2009 4307 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Word File Information Memory Corruption Vulnerability( 11 November 2009 )

A remote code execution vulnerability exists in the way that Microsoft Office Word handles a specially crafted Word file that includes a malformed record. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, ...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 4114 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows License Logging Server Heap Overflow Vulnerability( 11 November 2009 )

An unauthenticated remote code execution vulnerability exists in the way that the Microsoft License Logging Server software handles specially crafted RPC packets. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a specially crafted network message to a...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 4143 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Web Services on Devices API Memory Corruption Vulnerability( 11 November 2009 )

A remote code execution vulnerability exists in the Web Services on Devices API (WSDAPI) on Windows systems. The vulnerability is due to the service not properly handling a WSDAPI message with a specially crafted header. An attacker who successfully exploited this vulnerability could take complete control...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 4141 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Excel Multiple Vulnerabilities( 11 November 2009 )

1. Excel Cache Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, ...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 4146 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Active Directory LSASS Recursive Stack Overflow Vulnerability( 11 November 2009 )

A denial of service vulnerability exists in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008. The vulnerability also exists in implementations of Active Directory Application Mode (ADAM) when installed on Windows XP and Windows Server 2003, ...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 4175 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities( 11 November 2009 )

1. Win32k NULL Pointer Dereferencing VulnerabilityAn elevation of privilege vulnerability exists because the Windows kernel does not properly validate an argument passed to a Windows kernel system call. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 4146 Views

RISK: Medium Risk

Medium Risk

Apple Mac OS X Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Mac OS X, which could be exploited by remote or local attackers to disclose sensitive information, bypass security restrictions, cause a denial of service or compromise an affected system.1. Due to a heap overflow error in QuickDraw...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 4502 Views

RISK: Medium Risk

Medium Risk

HP-UX Java Multiple Vulnerabilities

Multiple vulnerabilities have been identified in HP-UX, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service, or compromise an affected system. These issues are caused by errors in Java.
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 4421 Views

RISK: Medium Risk

Medium Risk

HP Power Manager Unspecified Remote Code Execution Vulnerability

A vulnerability has been identified in HP Power Manager, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an unspecified error when processing user-supplied requests, which could allow remote attackers to execute arbitrary code.
Last Update Date: 28 Jan 2011 Release Date: 6 Nov 2009 4373 Views